<?php include "../../layout/header.php"; ?>
<?php include "../../layout/navleft.php"; ?>
<?php include "../../db/dbconnect.php"; ?>
<link rel="stylesheet" href="<?php echo($siteroot);?>css/admin.css" type="text/css" />

<?php if(isset($role) && $role == 'A'){?>
<script type="text/javascript">
    function openWindow(url){
        window.open(url, "_blank","height=300,width=600, status=0,toolbar=0,menubar=0,location=0");
        return false;
    }
    function createNews() {
        uid = 1;
        title = document.data.news_title.value;
        content = document.data.news_content.value;
        if (window.XMLHttpRequest) {
            xmlhttpCreate=new XMLHttpRequest();
        }
        else {
            xmlhttpCreate=new ActiveXObject("Microsoft.XMLHTTP");
        }
        params = "uid="+uid+"&title="+title+"&content="+content;
        xmlhttpCreate.open("POST","admin_announcements.php",false);
        xmlhttpCreate.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
        xmlhttpCreate.setRequestHeader("Content-length", params.length);
        xmlhttpCreate.setRequestHeader("Connection", "close");
        xmlhttpCreate.send(params);
        this.location.reload(true);
    }
    function checkAnnouncement(){
    	var title = document.data.title.value;
    	var content = document.data.content.value;
    	if(title == "" || content == ""){
    		return false;
    	}else {
    		return true;
    	}
    }
    
</script>

<?php
if(isset($_POST['submit_button'])){
	$uid = $_POST['uid'];
    $title = $_POST['title'];
    $content = $_POST['content'];


    $insert = "INSERT INTO news(uid, title, content) VALUES(".$uid.",\"".$title."\", \"".$content."\")";
    
    $result = mysql_query($insert) or die(mysql_error());
}

if(!isset($unserializedUser)) // test
	$user_id = 1; // test
else // test
	$user_id = $unserializedUser->getUid();
?>

<div id="content_medium_left">
	<div class="container_brown">
		<font face="Verdana" color = brown size = 2.5px> <a href="admin.php" >Admin</a></font>
	    <font face="Verdana" color =brown size = 2.5px> > Edit Announcement</font><br><br>
    	<div class="admin_div">
            <form name="data" action="admin_announcements.php" method="post" onsubmit="return checkAnnouncement()">
	            <font size ="3">New Announcement</font> <br><br>
	            <font size ="3">Title</font><br>
	            <textarea name="title" cols="50" rows="1" ></textarea><br>
	            <font size ="3">Message</font><br>
	            <textarea name="content" cols="50" rows="7" ></textarea>
	            <input type="hidden" name="uid" value="<?php echo ($user_id);?>"/>
	            <input type="submit" value="Post" name="submit_button"/>
            </form>
            <hr><br>

            <!-- This center tag will contain the table that displays the announcements -->
            <table class="admin_table" border=1 cellspacing=1 cellpadding=8>
                <tr>
                    <th width="20%">Title</th>
                    <th width="40%">Content</th>
                    <th width="20%">Date</th>
                    <th width="20%">Admin Name</th>
                </tr>
                <?php
                    $query = "SELECT a.nid,a.title,a.content,a.date,b.username,a.level,a.valid FROM news a,User b WHERE a.uid=b.uid ORDER BY date DESC";
                    $result = mysql_query($query) or die(mysql_error());
                     while($row = mysql_fetch_array( $result )) {
                         echo "<tr>";
                         echo "<td>";
                         echo "<a style=\"color:blue;\" href='edit_news.php' onclick=\"return openWindow('edit_news.php?nid=".$row['nid']."')\"> ".$row['title']."</a>";
                         echo "</td>";
                         echo "<td>".$row['content']."</td>";
                         echo "<td>".$row['date']."</td>";
                         //$name_query = "SELECT username from User where uid = ".$row['uid'];
                         //$name_result = mysql_query($name_query) or die(mysql_error());
                         //$poster_name = mysql_fetch_array( $name_result );
                         $poster_name = $row['username'];
                         echo "<td>";
                         //if($poster_name)
                         //   echo $poster_name['username'];
                         echo $poster_name;
                         echo "</td>";
                         echo "</tr>";
                         //echo "<tr>";
                         //echo "<th colspan='3' align='left'>".$row['content']."</th>";
                         //echo "</tr>";

                     }
                ?>
            </table>
        </div>
    </div>
</div>
<?php }else{?>
<div id="content_small">
	<div class="container_brown">
		<font face="Verdana" color = brown size = 2.5px> <a href="admin.php" >Admin</a></font>
	    <font face="Verdana" color =brown size = 2.5px> > Edit Announcement</font><br><br>
			<br><br>
			<p class="admin_head">This page is for administrator only.</p>
			<br><br>
	</div>
</div>
<?php
include "../../layout/navright.php"; 
}?>
<?php include "../../layout/footer.php"; ?>